36C3 - SigOver + alpha

Edit subtitles

0:19 - 0:22

Herald: Okay, very warm welcome everybody.
0:23 - 0:24

It's my great pleasure to announce this next talk
0:24 - 0:27

which is going to be called SigOver + alpha
0:27 - 0:30

where CheolJun Park and Mincheol Son are going
0:30 - 0:33

to be talking about signal overshadowing attacks in LTE
0:34 - 0:37

The two of them are researchers at the KIST in Korea,
0:37 - 0:40

the Korean Advanced Institute of Science and Technology
0:40 - 0:45

and I'm really interested in hearing about the exploits these two found.
0:45 - 0:50

Please give them a huge warm welcome with an applause thank you.
0:50 - 0:53

[Applause]
0:54 - 0:59

Mincheol: Thank you. Good afternoon. Welcome to our talk. The name SigOver + Alpha
1:00 - 1:06

what we're talking about is very interesting, realistic and a new attack in LTE.
1:07 - 1:08

my name is Mincheol.
1:08 - 1:13

I'm a graduate student at System Security Lab at KAIST.
1:13 - 1:18

My research interest is in cellular networks and comparison analysis.
1:19 - 1:21

CheolJun: Hi, my name is CheolJun
1:21 - 1:26

and I'm also a PhD student in security systems security lab in KAIST
1:26 - 1:29

My research interest is also cellular
1:29 - 1:32

network systems and mobile security analysis.
1:33 - 1:39

In this presentation we prepared a lot of interesting attack demo videos
1:40 - 1:43

and Mincheol will talk in the first half of the presentation
1:44 - 1:48

about some introductions on LTE network and concepts on Sig
1:48 - 1:52

over attack and broadcasting message injection using SigOver.
1:53 - 1:55

Then I will talk in the remaining part of
1:55 - 1:59

the presentation about a little more advanced attack.
2:02 - 2:03

Mincheol: Okay, let's start.
2:04 - 2:08

First of all what I'm going to talk about is the cellular network.
2:09 - 2:12

All of us use our cell phone for voice calls
2:12 - 2:18

playing games or watching a video anywhere at any time.
2:19 - 2:25

And the mobile phone has been developed from first generation to fourth generation
2:25 - 2:28

As shown in the figure on the right
2:28 - 2:32

And 5th generation services have now started.
2:32 - 2:37

Today we are going to talk about new and powerful attack
2:37 - 2:40

techniques that can be used for attacks in LTE.
2:41 - 2:45

Also we will explain some examples of attacks
2:45 - 2:47

and show demonstrations of them.
2:51 - 2:54

To understand the main contents,
2:54 - 2:56

we need a background for LTE.
2:56 - 3:02

The LTE system is largely composed of UEs such as a smartphone
3:02 - 3:05

used by your user for LTE service
3:05 - 3:10

and our base station is in charge of transmitting and receiving radio signals.
3:11 - 3:14

And our core network for the mobility management,
3:14 - 3:18

authentication and data services of the user.
3:19 - 3:22

For control messages such as radio connection,
3:23 - 3:27

The UE and base station use RRC protocols.
3:28 - 3:30

Similarly, the UE
3:30 - 3:35

and the core network sent and receive control messages with NAS protocols
3:36 - 3:40

The main part of our talk are the UE and the base station.
3:40 - 3:47

If so, how does the UE establish a radio connection with the base station
3:47 - 3:50

and use the LTE service?
3:51 - 3:55

First, the UE has to decide which base station to connect to.
3:56 - 3:58

To do this,
3:58 - 4:04

the UE scans the LTE frequency band and selects the most stable base station
4:04 - 4:10

by considering the frequency priority and signal strength of the base station.
4:13 - 4:14

After selecting one base station,
4:15 - 4:18

the UEs start the attach procedure
4:18 - 4:20

with the base station
4:20 - 4:23

First, so UE receives
4:24 - 4:26

PSS and SSS signal
4:26 - 4:28

sent by the base station.
4:28 - 4:29

In turn,
4:30 - 4:33

MIB and SIB are decoded.
4:33 - 4:37

All three messages are broadcast messages
4:37 - 4:39

sent by the base station.
4:39 - 4:43

They are used to match time synchronization
4:43 - 4:47

to know boundaries or transmission scheme and
4:47 - 4:49

to know information about the base station.
4:50 - 4:52

After the broadcast message
4:54 - 4:55

the UE establishes
4:55 - 4:57

a radio connection
4:57 - 4:58

with the base station.
4:59 - 5:05

This process is done using the RRC protocol messages after which the UE
5:05 - 5:08

Proceeds with secret setup for the NAS protocol.
5:09 - 5:11

Throughout this process,
5:11 - 5:15

the UE and the core network share the key and algorithms
5:15 - 5:17

for encryption and integrity check.
5:18 - 5:21

The security setup process is also performed
5:22 - 5:24

between the UE and the base station.
5:25 - 5:28

After this series of procedures the you
5:28 - 5:33

can attach successfully and use the LTE service.
5:34 - 5:38

And then, what attack is possible against the UE
5:38 - 5:42

connected to the network and using the service?
5:43 - 5:48

The most widely used method used so far is to use a fake base station.
5:49 - 5:52

An attacker could use a fake base station
5:52 - 5:55

that behaves like a legitimate base station,
5:55 - 5:57

causing the victim UE
5:57 - 6:04

to disconnect from the legitimate base station and connect to the fake base station.
6:05 - 6:07

This is possible because the UE
6:07 - 6:11

preferentially tries to connect to a strong base station.
6:13 - 6:16

Several attacks using FBS have been introduced,
6:17 - 6:18

including
6:18 - 6:19

man in the middle of attack,
6:19 - 6:22

denial of services, user identity leak,
6:23 - 6:25

fake emergency alert
6:25 - 6:25

and so on.
6:27 - 6:29

As such, the fake base station attack
6:29 - 6:33

using the characteristics of the radio communication
6:33 - 6:37

is actively used for research or actual attacks.
6:39 - 6:42

And then, here is the questions:
6:43 - 6:51

Is the FBS attack the only attack method using the characteristics of LTE radio connection,
6:52 - 6:57

or should the victim UEs always be connected to the FBS for wireless attacks?
6:59 - 7:00

The answer is no,
7:01 - 7:06

there is a more intuitive and powerful attack methods than FBS.
7:08 - 7:10

It is a signal overshadowing attack.
7:11 - 7:13

While the previous FBS attack
7:14 - 7:18

use the characteristic of selecting a stronger signal base station,
7:19 - 7:21

the SigOver attack uses
7:22 - 7:25

the characteristic of wireless communication
7:25 - 7:28

to decode the stronger signal
7:28 - 7:32

when different signals are transmitted as the same frequency.
7:33 - 7:36

This is listed by the figure below
7:38 - 7:44

the normal base station continuously transmits LTE signals in time and frequency.
7:44 - 7:48

The UE then receives and decodes the signal.
7:49 - 7:55

If the attacker can match the time and frequency exactly with the normal signal and
7:55 - 7:59

transmit a stronger signal than real signal
7:59 - 8:04

the UE will decode the stronger signal.
8:05 - 8:09

This is the signal overshadowing attack that overrides the LTE signal.
8:10 - 8:12

If the signal overshadowing attack is possible,
8:13 - 8:16

then what message can be used to overwrite?
8:18 - 8:23

The messages we can overwrite are those with no security protection.
8:23 - 8:27

First, there is a broadcast message.
8:27 - 8:32

The broadcast messages of base stations and signal for all users
8:32 - 8:36

with no consideration for encryption and
8:36 - 8:38

integrity checks in LTE specification.
8:39 - 8:44

Second, there is a message that can be used for an attack because
8:45 - 8:50

it is unprotected among messages transmitted only to a specific user,
8:50 - 8:52

not a broadcast message.
8:53 - 8:57

One reason that it is not is protected is a bug in the UE implementation.
8:58 - 9:00

The other is that
9:00 - 9:03

there are several messages in the specification.
9:04 - 9:07

There are low [protected?] messages before performing security setup.
9:08 - 9:12

The details of the SigOver attack will be discussed one by one.
9:13 - 9:19

First, I will explain what to serve in order to perform the SigOver attack
9:20 - 9:25

And how the SigOver attack is different from the existing FBS attack
9:25 - 9:30

and what kinds of attacks are possible using broadcast messages and SigOver.
9:31 - 9:35

Lastly, CheolJun will explain attacks using unicast messages
9:36 - 9:38

and then discuss something like
9:38 - 9:39

countermeasure and future works.
9:42 - 9:46

So first there are some challenges and questions for the SigOver attack.
9:47 - 9:52

First, we should consider which part of the signal we override.
9:53 - 9:55

If too many signals are overwritten
9:56 - 10:02

the UE will now receive no normal signals causing only those effects such as jamming
10:03 - 10:04

On the contrary,
10:04 - 10:07

if too few signals are covered
10:07 - 10:11

the difficulty of the attack increases and the
10:11 - 10:14

UE may not be able to decode properly.
10:15 - 10:19

The second challenge is how to synchronize time and frequency.
10:20 - 10:25

This is the most important challenge in SigOver attack where the attack signal
10:25 - 10:29

must be accurately overwritten on the signal of the normal base station.
10:30 - 10:33

Finally, how much area is okay,
10:34 - 10:37

even if the signal is transmitted like a normal base station,
10:38 - 10:41

there may be a slight error in time or frequency.
10:41 - 10:45

Therefore it is necessary to know how much
10:45 - 10:49

accuracy is required for the UE to properly decode the signal.
10:51 - 10:55

I will explain the details of these three challenges and questions
10:56 - 10:58

to answer about the first question.
10:59 - 11:01

Let's look at the LTE frame structure first.
11:02 - 11:08

An LTE frame consists of multiple subframes and a subframe has
11:08 - 11:12

multiple symbols and the message is included in our subframe,
11:13 - 11:17

meaning that there are various options to be overshadowed.
11:18 - 11:22

Symbol overshadowing requires precise synchronization.
11:22 - 11:25

So success rate is hard to guarantee
11:26 - 11:32

on the other end, frame level overshadowing requires to rewrite multiple subframes
11:32 - 11:37

or multiple messages. It can also affect other normal messages.
11:37 - 11:42

So it is quite natural to overshadow in the subframe level.
11:44 - 11:49

Next, let's look at the time synchronization first along synchronization issues
11:50 - 11:53

Attacker's subframe and legitimate subframe
11:53 - 11:56

must arrive at the UE simultaneously
11:57 - 12:01

in order to override our particular subframe accurately.
12:01 - 12:07

For simplicity, let's assume there is no propagation delay for now.
12:08 - 12:14

The attacker utilized synchronization signal called PSS and SSS
12:14 - 12:18

to get accurate time synchronization as they are sent
12:18 - 12:21

periodically from the legitimate base station.
12:22 - 12:27

But concretely, first, the attacker issues PSS, SSS
12:27 - 12:30

to get frame timing of legitimate base station,
12:31 - 12:36

meaning that the attacker can identify the frame timing t0, t1, and t2.
12:37 - 12:40

Second, once the attacker runs the timing,
12:40 - 12:44

she can predict the timing of the target subframe,
12:45 - 12:50

since each subframe has fixed size which is one millisecond.
12:51 - 12:57

For example, if the attacker overshadows the second subframe of frame 566
12:57 - 13:03

then she can transmit the malicious subframe at t2 plus one millisecond.
13:03 - 13:08

Now the attacker signal arrives at the UE simultaneously.
13:08 - 13:12

Since we assume that there is no propagation delay.
13:13 - 13:19

However in real life there is propagation delay depending on the location,
13:20 - 13:22

meaning that the zero will be delayed due
13:22 - 13:26

to the propagation delay or PSS and SSS.
13:27 - 13:31

Also, if the attacker is located far from the UE,
13:32 - 13:33

more delay would be added.
13:34 - 13:38

The delay could be compensated if the attacker precisely locate
13:38 - 13:40

the UE and the base station.
13:41 - 13:44

But it is not realistic in the wild
13:46 - 13:49

the delay is up to some maximum value
13:50 - 13:53

because they are located within range of the base station.
13:54 - 13:59

So in practice there is a delay that cannot be compensated
14:00 - 14:02

so subframes cannot be aligned exactly
14:03 - 14:10

so then we can count on the LTE UE
14:10 - 14:15

LTE is designed to be reliable especially in outdoor environments.
14:16 - 14:24

In outdoor UE can move with using point or so there is a reflect effect because of buildings.
14:24 - 14:27

So we expected that the UE would compensate
14:28 - 14:33

such small errors if the subframe is somewhat is synchronized but not exactly.
14:34 - 14:40

So the question is how much can the UE tolerate this delay error?
14:41 - 14:47

Since it is chipset dependent we measured the max delay tolerance of two COTS smartphones
14:48 - 14:53

and result is around 12 and 11 microseconds each
14:54 - 14:56

And both results exceed max delay of
14:57 - 15:01

the urban base station which is around eight microseconds.
15:01 - 15:06

So this means that the attack can succeed
15:06 - 15:08

regardless of the location of the base station
15:09 - 15:10

and the victim UEs.
15:11 - 15:15

In summary, the attacker can be anywhere within the range
15:15 - 15:18

of the base station to succeed the attack.
15:21 - 15:24

The last one to solve is frequency synchronization.
15:25 - 15:30

LTE standard specifies the minimum frequency accuracy that
15:30 - 15:33

LTE base station must have as 50 ppb.
15:34 - 15:37

So for precise synchronization,
15:37 - 15:42

the attacker needs to use a sufficiently accurate frequency
15:43 - 15:49

after that, residual frequency error can be compensated by CFO
15:49 - 15:51

correction algorithm.
15:54 - 15:57

Since the SigOver was wrong on a typical
15:58 - 16:03

SDR kit with an inaccurate oscillator, we adopt GPSDO.
16:03 - 16:06

To improve its frequency accuracy.
16:06 - 16:11

GPSDO guarantees 25 ppb accuracy
16:11 - 16:15

without GPS antenna and 1 ppb with GPS antenna.
16:16 - 16:20

Lastly we can compensate residual frequency error by
16:20 - 16:23

by PSS/SSS-based CFO correction.
16:24 - 16:26

Here's the summary
16:26 - 16:28

of the main questions and answers.
16:29 - 16:34

We overshadows subframe units using PSS/SSS.
16:34 - 16:38

for time synchronization and using GPSDO and CFO
16:38 - 16:40

correction for frequency synchronization.
16:41 - 16:46

Finally, COTS UE is generous enough to cover the entire range of
16:47 - 16:48

the urban base station
16:49 - 16:54

In short, an attacker located in the range of the base station can
16:54 - 17:00

overshadow broadcast messages to any victim within the base station coverage.
17:01 - 17:06

Next before examining the difference between SigOver and FBS,
17:07 - 17:09

I will explain the process of SigOver attack.
17:11 - 17:15

First the attacker collects necessary values by listening to
17:15 - 17:18

the broadcast message of the normal base station.
17:18 - 17:23

This process is necessary because information about base
17:23 - 17:27

station is required to disguise the attacker signal
17:27 - 17:29

as that of a normal base station.
17:31 - 17:34

Next the attacker creates a subframe
17:35 - 17:37

that contains the messages to use for the attack.
17:39 - 17:41

And now the attack begins
17:42 - 17:46

first the attacker received the PSS and SSS
17:46 - 17:51

signals of the normal base station and synchronizes time with the base station
17:52 - 17:56

then send the malicious subframe that she made
17:57 - 17:58

at the precise timing.
18:01 - 18:06

Finally the UE receiving the signal receives a malicious message
18:06 - 18:09

by decoding the articles of frames stronger than
18:09 - 18:12

the signal of the normal base station.
18:14 - 18:17

Here's our test environment to verify the SigOver.
18:17 - 18:20

We implement the SigOver by using open source
18:20 - 18:25

LTE stack and we used USRP series for radio transmission.
18:26 - 18:27

We also such as
18:29 - 18:32

iPhone XS or galaxy S9
18:32 - 18:35

to verify this attack.
18:35 - 18:39

In the remainder of this talk I will talk about performance of
18:39 - 18:43

SigOver and attacks that can be launched using SigOver.
18:45 - 18:47

Okay, so far
18:47 - 18:50

I have shown that SigOver can be used in projects
18:51 - 18:58

but both FBS and SigOver can inject malicious broadcast messages to the UEs
18:59 - 19:03

So what is the difference between SigOver and FBS?
19:03 - 19:06

Or what is the advantage of SigOver?
19:07 - 19:11

The basic advantage of SigOver compared with
19:11 - 19:14

fake base station comes from the fact that
19:14 - 19:19

the SigOver does not need connection establishment to inject the message.
19:20 - 19:22

This has multiple implications.
19:25 - 19:27

Another advantage is power efficiency.
19:28 - 19:31

SigOver does not require so strong power because
19:32 - 19:37

the attack signal only needs to be higher enough to cover the original signal
19:38 - 19:39

called capture effect.
19:41 - 19:46

It shows 98% success rate on 3dB higher power than the legitimate
19:46 - 19:50

base station. However, the FBS
19:50 - 19:54

requires much stronger power than the SigOver.
19:55 - 19:58

This is because the FBS needs to break the
19:58 - 20:01

current connection between the victim UE and the legitimate
20:02 - 20:03

base station.
20:05 - 20:10

Next I'll talk about what we can do with SigOver and broadcast messages.
20:12 - 20:16

I have explained that there is no connection between the victim UE
20:16 - 20:18

and the SigOver attacker
20:18 - 20:19

It means that
20:20 - 20:23

the UE can keep communicating with the legitimate
20:23 - 20:24

base station or
20:24 - 20:26

network during the attack.
20:26 - 20:27

For example
20:28 - 20:32

the SigOver can inject a malicious message while the UE is on phone
20:33 - 20:37

However, the UE cannot communicate with the network
20:37 - 20:39

after attaching to the FBS.
20:39 - 20:44

So the UE might fall in the denial of services.
20:45 - 20:49

Let me show you some possible attacks using SigOver, but
20:49 - 20:51

not feasible using FBS.
20:53 - 20:55

First one is signaling storm attack
20:56 - 20:59

in general signaling storm occurs through a botnet
21:00 - 21:03

but the SigOver can launch the attack without using the botnet.
21:05 - 21:08

The SigOver exploits a broadcast message called SIB-1
21:08 - 21:12

Everyone especially the tracking area code
21:12 - 21:15

by changing the tracking area code to new one,
21:16 - 21:18

the attacker can trigger tracking area update
21:19 - 21:21

procedure of the victim UE
21:22 - 21:24

which is sent to the core network.
21:26 - 21:29

All UEs in the attack range
21:29 - 21:35

may continuously receive fake SIB-1 which caused tracking area update
21:35 - 21:37

storm to the core network.
21:39 - 21:42

FBS can do the same
21:42 - 21:44

but as you expected
21:44 - 21:46

the legitimate network would be safe
21:47 - 21:53

from this attack because the FBS is not connected to the legitimate core network.
21:56 - 21:58

This is the demonstration of signaling storm
22:01 - 22:05

the program in this screenshot signaling messages of the UE
22:06 - 22:08

first the attacker injecting malicious paging message.
22:09 - 22:15

This malicious paging messages required for the UE to receive a SIB-1
22:16 - 22:19

Then, the attacker will overshadow malicious SIB-1 message
22:20 - 22:22

Then the UE generates signaling
22:22 - 22:23

to the network
22:30 - 22:31

We evaluated
22:31 - 22:35

amplification factor of signaling storm attack
22:35 - 22:40

In normal situation a UE send about 45 service request message
22:40 - 22:45

corresponding to over 600 signaling messages per hour
22:46 - 22:49

Signaling storm using SigOver can generate around
22:50 - 22:59

21,000 tracking area request corresponding to around 400,000 signaling messages per hour
22:59 - 23:05

In summary, signaling storm can generate 640 times
23:05 - 23:07

more signaling messages per UE.
23:10 - 23:14

The second is a selective DoS attack using SIB-2.
23:15 - 23:19

In SIB-2 there is a field to prevent access of
23:19 - 23:23

the UE for effective data service in a disaster situation.
23:24 - 23:28

If we manipulate this field we can prevent
23:28 - 23:31

UEs from sending service requests to the base station.
23:32 - 23:35

Of course we can also adjust the barring time
23:36 - 23:37

furthermore,
23:37 - 23:43

In the recent specification, barring service is not only divided into signaling
23:43 - 23:48

and data but also divided into details such as voice call,
23:48 - 23:50

video calls, and SMS.
23:51 - 23:54

Therefore selective DoS is possible.
23:54 - 24:00

For example all other services are possible but only voice service.
24:00 - 24:01

It's not available.
24:02 - 24:08

The selective DoS attack was verified by Galaxy S9 and succeed
24:09 - 24:10

this attack is also
24:11 - 24:12

only possible with Sigover
24:13 - 24:17

Even if the UE connect to the FBS and received the wrong SIB-2.
24:18 - 24:20

The FBS cannot make this attack
24:21 - 24:25

because the normal SIB-2 is received again
24:26 - 24:29

when the UE is connected to the normal base station. Okay,
24:31 - 24:33

this is the demonstration.
24:36 - 24:41

It would be nice to show a video of selective DoS, but not ready.
24:41 - 24:43

So this video is a DoS attack
24:43 - 24:45

using excess barring
24:46 - 24:48

the UEs can use normal data services
24:49 - 24:51

and also voice calls.
25:11 - 25:11

Okay.
25:13 - 25:14

After the SigOver attack
25:15 - 25:16

by the UE
25:33 - 25:36

Victim UEs receive malicious paging and
25:36 - 25:37

SIB-2 messages.
25:39 - 25:40

And uh
25:41 - 25:42

the UE
25:44 - 25:46

Normal service is not available
25:50 - 25:52

even after the attacker program is terminated.
25:52 - 25:55

The normal service is not available too
26:17 - 26:18

Okay.
26:19 - 26:21

The following is an attack using
26:21 - 26:24

IMSI paging. In the figure on the left,
26:24 - 26:26

a UE that is normally attached.
26:26 - 26:31

is released in the idle state by releasing radio connection when
26:31 - 26:32

not using LTE data
26:33 - 26:34

At this time,
26:35 - 26:38

If there is a service request for the UE from the networks,
26:39 - 26:42

the base station sends a broadcast message paging
26:42 - 26:43

to inform the UE
26:44 - 26:50

the identifier used at this time is a temporary ID of the UE called GUTI.
26:50 - 26:54

However, if paging is sent using the unique ID
26:54 - 26:56

of the UE called IMSI,
26:57 - 27:01

The UE will disconnect and reattach according to the behavior
27:01 - 27:03

defined in the standard.
27:04 - 27:08

This alert, a DoS attack on the UE that is using the LTE service.
27:13 - 27:14

This is IMSI paging demo
27:16 - 27:18

This is our testbed setup
27:18 - 27:20

There is a lot of attacker's PC and USRP.
27:28 - 27:30

Victim UE receives
27:31 - 27:32

the voice call
27:38 - 27:42

the attacker inject a paging message with the victims IMSI
27:45 - 27:46

due to the IMSI paging,
27:47 - 27:49

the voice call is disconnected.
27:55 - 28:00

The final attack I will introduce is a fake emergency alert attack
28:01 - 28:03

This attack uses SIB-12,
28:03 - 28:07

which is used for a lot of systems in normal networks.
28:07 - 28:10

The process of using CMAS is as follows.
28:11 - 28:12

Three messages:
28:12 - 28:15

SIB-1, SIB-12. and paging
28:15 - 28:17

are involved in CMAS process.
28:18 - 28:19

based on this process.
28:20 - 28:22

The attacker overshadows the SIB-1
28:22 - 28:24

SIB-12 and paging messages.
28:38 - 28:39

For attack,
28:40 - 28:42

victim phone is connected to the legitimate
28:42 - 28:43

base station
28:44 - 28:45

and attacker
28:46 - 28:47

synchronizes
28:47 - 28:51

time and frequency with the legitimate base station.
29:07 - 29:08

This is fake emergency alert
29:09 - 29:10

message
29:13 - 29:14

to sum up briefly,
29:15 - 29:19

we have designed and implemented a signal overshadowing attack
29:19 - 29:23

Using the fundamental weakness of wireless communication,
29:23 - 29:27

the SigOver attack is more powerful than the FBS attack
29:28 - 29:32

in terms of power efficiency and the connection between the UE
29:32 - 29:36

and the normal base station can perform various attacks.
29:38 - 29:42

As an example, I showed demonstrations of four attacks.
29:42 - 29:47

Then what can you do with unicast injection attack?
29:48 - 29:52

The answer of this question will be explained in detail by CheolJun.
29:56 - 29:58

CheolJun: Hi again and thank you Mincheol.
29:59 - 30:00

So as Mincheol said,
30:00 - 30:05

what else can we do with the unicast SigOver injection attack?
30:07 - 30:10

So when we go back to the fake base station attack,
30:11 - 30:13

there have been various attacks using fake base station
30:14 - 30:18

as an example of an existing FBS attack man in the middle
30:18 - 30:24

attack can be used for injecting, stealing or eavesdropping victim's information.
30:25 - 30:31

If the fake base station is not an LTE base station but a 3G or 2G base station,
30:32 - 30:36

attacker can cause a greater damage to the victim's privacy.
30:38 - 30:41

But actually these attacks are quite limited to use
30:42 - 30:48

these attacks all assumed that the victim is already connected to the fake base station
30:49 - 30:50

but in a static situation
30:51 - 30:52

in order for a UE
30:52 - 30:53

to pass over to the
30:53 - 30:54

fake base station,
30:55 - 30:59

The fake base station signal must be about 40 dB
30:59 - 31:02

Or 10,000 times larger than the commercial one.
31:03 - 31:04

This is because the fake
31:04 - 31:08

base station need to break the current connection between victim UE
31:09 - 31:11

and legitimate base station
31:12 - 31:13

operating
31:13 - 31:16

fake base station with a strong signal requires a lot
31:16 - 31:20

of resources and increases the chance to be detected.
31:21 - 31:25

However SigOver can solve these limitations
31:25 - 31:31

by injecting unicast messages attacker can force victims to attach to the
31:31 - 31:32

fake base station.
31:34 - 31:37

So won't the unique text message.
31:37 - 31:42

The RC connection release message is message delivered by the base station to the U.
31:42 - 31:43

E.
31:44 - 31:47

It is used to command the release of an RC connection.
31:48 - 31:51

So when the U. E. Receives this message
31:52 - 31:55

it will disconnect from the existing connection
31:56 - 31:59

and plus unicorns messages can have additional fields.
32:01 - 32:03

One of the additional fields.
32:03 - 32:07

The redirected carrying full field is used to indicate the
32:07 - 32:10

next frequency where the you we shall connect to.
32:11 - 32:17

UE uses this information to select an acceptable base station to camp on.
32:19 - 32:22

Also the redirected frequencies can be not only for
32:22 - 32:25

lt base stations but also for three G.
32:25 - 32:28

Or two G. Base station which is more vulnerable.
32:30 - 32:35

And the another additional fields is idle mode mobility control. In full field.
32:36 - 32:41

This field is used to provide dedicate sales, election rez election priorities.
32:42 - 32:45

When the research is for the base station
32:45 - 32:48

it does not check all the frequencies.
32:48 - 32:53

Instead it checks only selected frequencies based on frequency
32:53 - 32:57

previously connected or frequency received from the network.
32:58 - 33:03

So we noticed that when the UE is redirected to a non
33:03 - 33:08

searching frequency you we did not redirect it to that frequency.
33:08 - 33:12

However when a non non searching frequency was
33:12 - 33:15

included in the idle mode mobility controlling fulfilled
33:16 - 33:20

you we was redirected. Well even though it was a new frequency,
33:22 - 33:25

the figure actually shows that the U. E.
33:25 - 33:30

Is redirected to another base station After receiving on RC connection release
33:30 - 33:33

message with a redirected carrying fulfilled
33:33 - 33:35

and idle mode mobility controlling fulfilled.
33:36 - 33:38

You can see that the radio
33:38 - 33:41

frequency channel number representing the communication
33:41 - 33:46

frequency of the base station has changed from 100 to 2600.
33:47 - 33:48

So
33:48 - 33:52

if the attacker can inject this message to the victim, Ue
33:53 - 33:57

attacker can force victim uE to move to the faith base station
34:00 - 34:04

in order to inject this RC connection release message
34:04 - 34:07

injected messages should be decoded on the U.
34:07 - 34:07

E.
34:08 - 34:09

To do this.
34:10 - 34:14

More efforts are required than when injecting a broadcast message.
34:15 - 34:16

Firstly
34:16 - 34:18

when injecting broadcast message,
34:19 - 34:24

attacker only had to consider base stations configuration to inject the message
34:25 - 34:28

but to inject the unique cast message.
34:28 - 34:35

Attacker also have to consider only additional information like us I. D. R. N. T. I.
34:35 - 34:41

Which is a temporarily identify rare sequence number message format and so on.
34:42 - 34:46

Moreover, the message must be set correctly in the right place.
34:47 - 34:51

UE does not decode all the messages over the air,
34:51 - 34:54

but only because what it needs to decode.
34:55 - 35:00

The location of the broadcast message is common space and every
35:00 - 35:03

year we have to decode the message on the common space,
35:03 - 35:09

but the location of the unique cast message is a US specific space
35:09 - 35:10

and
35:11 - 35:14

it is determined according to the R. N. T. I.
35:14 - 35:15

So
35:15 - 35:19

the message should be decoded at the U. S. Specific space.
35:20 - 35:26

With these extra efforts. Unicorns messages can also be injected. Fear sick over
35:28 - 35:29

now,
35:29 - 35:34

I will introduce attack scenarios using RC connection release message injection
35:35 - 35:36

in this attack,
35:36 - 35:41

the attacker is assumed to know the M Z or R N T I. Of the victim.
35:42 - 35:46

We also assume that an attacker is located where he can
35:46 - 35:50

hear signals from legitimate base station such as victim you.
35:50 - 35:51

E
35:52 - 35:55

Attack Scenarios can be divided into two.
35:55 - 36:00

First situation is when there is a vulnerability on the device
36:00 - 36:01

in this case,
36:01 - 36:05

I'll take her in this to know M Z or R and T I.
36:06 - 36:10

If the victim UE has the vulnerability that accepts
36:10 - 36:14

security unprotected message even after the security activation,
36:15 - 36:18

the attacker can easily inject the unique last message.
36:19 - 36:21

We could found this vulnerability while
36:21 - 36:25

developing methods to test devices vulnerability.
36:26 - 36:31

The second situation is when there is no vulnerability on the device
36:31 - 36:32

in this case
36:33 - 36:35

the attacker needs to know the MZ.
36:36 - 36:37

Then
36:37 - 36:39

the attacker needs to inject message before the
36:40 - 36:41

secret activation
36:42 - 36:46

for this attack. There need additional technical implementations.
36:46 - 36:49

Actually, this implementation is in progress.
36:51 - 36:52

Now,
36:52 - 36:57

the first scenario is when there is see a vulnerability in the U. E.
36:58 - 37:03

This UV has a vulnerability that receives unprotected messages
37:03 - 37:06

even in the presence of a security context.
37:07 - 37:10

The victim UE is now connected to the
37:10 - 37:14

legitimate network and has finished the security process.
37:15 - 37:22

So the victim um he has a security context and it is using normal cellular service.
37:24 - 37:25

Then
37:25 - 37:30

the attacker injects on unprotected RC connection release message on the U. E.
37:32 - 37:33

Due to the vulnerability
37:33 - 37:35

the U. E. Except
37:35 - 37:38

security. Unprotected RC connection release message.
37:39 - 37:40

Then the U.
37:40 - 37:44

We disconnect the existing connection and is redirected to the
37:44 - 37:48

attacker state base station and request for the connection.
37:51 - 37:55

The second scenario is when there is no vulnerability on the
37:56 - 37:57

the victim, UV.
37:57 - 38:03

Is now connected to the legitimate network and he has finished the security process
38:04 - 38:06

so the victim um he has a security
38:06 - 38:11

context and it only accept security protected messages.
38:12 - 38:16

Thus the attacker cannot inject messages for now.
38:18 - 38:24

So attacker must delete the user US security context in
38:24 - 38:29

order for the victim to receive on our Attackers unprotected messages
38:30 - 38:31

to do this.
38:31 - 38:35

The attacker injects a mg paging message
38:36 - 38:39

According to the three GPP specification.
38:39 - 38:42

When you we received the MG patient message,
38:43 - 38:46

it should immediately terminate all service
38:46 - 38:50

sessions deletes parameters including security key.
38:51 - 38:55

So by injecting mg paging message article
38:55 - 38:58

can delete the security context of the victim
39:01 - 39:03

after you terminate the existing connection.
39:04 - 39:07

It's talks over the attached procedure with the base station.
39:09 - 39:13

Before the victim usually finishes the security procedure,
39:14 - 39:17

the attacker injects on RC connection release message
39:18 - 39:20

When there is no security context.
39:20 - 39:26

UE is allowed to receive the security unprotected RC connection release message.
39:27 - 39:28

Therefore the U.
39:28 - 39:32

E processes the Attackers message and sends a
39:32 - 39:35

connection request to the attacker's face face station
39:37 - 39:42

so far we have introduced a tax that brings target victims to the
39:42 - 39:43

base stations
39:44 - 39:50

but existing big base station attack can bring all the unspecified us to it
39:51 - 39:54

from on FPs Attackers point of view
39:54 - 39:55

it may be easier
39:56 - 39:58

and better to attach all the um around
39:59 - 40:00

then
40:00 - 40:01

we need to know
40:01 - 40:04

if this takeover attack can do the same thing
40:06 - 40:07

in this attack.
40:08 - 40:11

The attacker constantly monitors down like messages from
40:11 - 40:14

the commercial base station to acquire are.
40:14 - 40:17

NT I from RC connection setup message.
40:18 - 40:20

Once the attacker gets the R. N. T.
40:20 - 40:24

I, attacker injects the RC connection release message,
40:25 - 40:30

attacker can repeat the entire process until he brings the all the US around.
40:33 - 40:36

To verify this attack. We used galaxy s. four.
40:37 - 40:40

The Galaxy S four is the one of the vulnerable device that
40:40 - 40:46

receives an unprotected message even in the presence of a security context.
40:47 - 40:50

This vulnerability was discovered while
40:50 - 40:53

studying methods to test devices vulnerability
40:54 - 40:59

in this case we could inject on RC connection release message to the U.
40:59 - 41:02

E without deleting the security context
41:03 - 41:06

to inject the RC collection release message.
41:06 - 41:13

We used free open source LT software, S R S L. T and U S. R. P X. 310.
41:14 - 41:18

When the U. E. Is normally connected to the cellular network.
41:18 - 41:22

We injected crafted message to redirect the victim
41:22 - 41:25

UE to the attacker state base stations,
41:25 - 41:27

frequency 363.
41:28 - 41:28

Okay.
41:29 - 41:32

The injected message contains the redirected carrying
41:32 - 41:34

fulfilled and idle mode mobility control.
41:34 - 41:35

In fulfilled.
41:37 - 41:41

Redirected carrying full field is set to the lT frequency type
41:42 - 41:44

And contains 363
41:44 - 41:46

the frequency of fake face station.
41:48 - 41:51

The idle mode mobility control and fulfilled contains a list
41:51 - 41:56

of normal base stations frequency and an attacker's frequency.
41:57 - 41:57

At this time
41:58 - 42:03

the priority of Attackers frequency is set to the highest to
42:03 - 42:07

ensure that the victim's definitely passes over the fake face station.
42:09 - 42:11

Here is the demonstration of the attack.
42:15 - 42:15

Mhm.
42:20 - 42:22

So at the first time
42:23 - 42:24

the
42:24 - 42:27

Victim's phone is connected to the alleged to make base station
42:28 - 42:28

100
42:29 - 42:31

And Autocracies Operating
42:31 - 42:33

Base Station 3 6 3.
42:35 - 42:38

Then the attacker injects the message.
42:45 - 42:49

And as you can you could see at the monitor the signal
42:49 - 42:54

was injected and the injected message has the contents of as follows.
42:54 - 42:57

And this is same with what I said before.
43:08 - 43:10

And then as you can see at the
43:10 - 43:13

base stations, monitor the victim's phone is connected to the
43:13 - 43:14

base station.
43:16 - 43:20

And if you see the package during the attack
43:21 - 43:22

do you?
43:22 - 43:24

That one is the injected message.
43:25 - 43:30

After that the victim's phone makes a new connection with the fake base station.
43:30 - 43:34

So it moved from 100 to the 363.
43:34 - 43:40

So after this attack we could do anything like me in the middle attack and so on.
43:44 - 43:49

So in the previous previous demo the victim you we was connected to a commercial
43:49 - 43:55

base station and then moved to a faith base station that had never been connected.
43:56 - 43:59

Let's sum up the big base station attack using sick over
44:00 - 44:05

first. This attack requires much less power and it's easier than
44:05 - 44:07

the traditional fake base station attacks.
44:08 - 44:09

As a result,
44:09 - 44:13

the chance to be detected decreases and the effective
44:13 - 44:14

range increases
44:15 - 44:20

2nd. The attacker can choose victim to move to the big base station
44:20 - 44:26

since the attacker injector unicorns message only the targeted um is affected.
44:27 - 44:30

Therefore the chance to be detected also reduced.
44:30 - 44:34

And it allows the attacker to definitely forced the
44:34 - 44:36

target to attach to a big base station.
44:37 - 44:38

Finally,
44:39 - 44:40

The attack was fake.
44:40 - 44:46

Base station can be not only LT base station but also a 3G or two G base station.
44:46 - 44:50

As the 3G or 2G base stations are more vulnerable.
44:50 - 44:54

Attacker can perform more severe attacks
44:56 - 44:59

and now I'm going to talk about some countermeasures.
44:59 - 45:02

Discussion conclusion and future. Works
45:03 - 45:04

for future. Works
45:05 - 45:08

to make this attack possible for all the U. S.
45:08 - 45:11

Actually, additional implementations or needed
45:12 - 45:17

first issued to be implemented to find out the identity of the victim using MZ.
45:18 - 45:22

An attacker can do this by monitoring the RC connection,
45:22 - 45:25

settle message after sending the MG paging.
45:26 - 45:29

Actually it is already possible but it must
45:29 - 45:33

be optimized with injecting techniques in real time.
45:34 - 45:35

Second,
45:35 - 45:41

it should be made implemented to inject message before the security process ends
45:41 - 45:46

to do this. There is a little time to inject messages. As you can see at the figure
45:47 - 45:49

hardware optimizations are necessary,
45:50 - 45:54

although there are some things that need to be implemented.
45:54 - 45:59

We expect that this attack will be possible on every U. E.
45:59 - 46:01

If the hardware is fully optimized.
46:04 - 46:07

And for the countermeasures for this attack,
46:08 - 46:11

the secure solution against sick over attack on
46:11 - 46:14

the message is to use digital signature.
46:14 - 46:15

Currently
46:15 - 46:20

only a single injected message can cause a long term denial of service.
46:21 - 46:25

Once the message is protected with a digital signal signature,
46:26 - 46:30

it it can prevent the attacks introduced so far.
46:31 - 46:31

Plus
46:31 - 46:33

the attack cost would be increased.
46:34 - 46:39

This is because the attacker have to inject wrong message continuously
46:39 - 46:43

to cause denial service in the presence of the digital signature.
46:44 - 46:45

Moreover,
46:45 - 46:49

it becomes possible to detect the presence of the attack.
46:50 - 46:54

Actually, this is possible because from the 5G
46:55 - 46:58

operators public key will be stored in the using
46:59 - 47:01

In fact three GPP.
47:01 - 47:04

is recently studying the FPs problem and
47:04 - 47:08

lack of integrated protection of broadcasting information
47:10 - 47:14

and since Ho jin first published sick over attack on broadcast message.
47:14 - 47:20

In last august we have received many requests to request release the code.
47:20 - 47:22

Attack code as an open source.
47:23 - 47:26

However, we have some reasons that we can't.
47:26 - 47:29

The first reason is that according to
47:29 - 47:33

the GSM A on organization for cellular carriers
47:33 - 47:39

said the GSM a have no objection to any security research being open sourced where
47:40 - 47:46

there is a clear security benefit and there is no risk posed to innocent users
47:47 - 47:51

releasing this code clearly has some security benefits.
47:52 - 47:53

However, unfortunately
47:54 - 47:59

the proposed attack can affect a large number of innocent users around.
48:00 - 48:03

So it might be hard to release the arctic coat.
48:04 - 48:07

And another reason is the quality of the codes.
48:09 - 48:11

Thank you.
48:13 - 48:13

Mm hmm.
48:15 - 48:16

Currently
48:16 - 48:20

the code we made is not well organized to make it open source.
48:23 - 48:24

In conclusion,
48:24 - 48:29

we presented single over attack physically overwriting specific self frames.
48:30 - 48:35

Seek over is a new exploit on unpatched an insecure channel on LT network
48:37 - 48:39

Comparing two attacks using fake face stations.
48:39 - 48:42

Sick over is way cheaper and healthier.
48:44 - 48:47

Also, we found new attacks on physical channel
48:48 - 48:50

by injecting broadcast messages.
48:50 - 48:53

We could cause denial of service access
48:53 - 48:57

borrowing signaling stone and fake emergency alert.
48:58 - 49:02

And by injecting unique cast message we could force
49:02 - 49:05

targeted victim to move to the fake base station.
49:06 - 49:07

Finally,
49:07 - 49:11

I expect this sick over attack will be used in the wild.
49:12 - 49:13

Therefore
49:13 - 49:18

not only cellular networks but all the systems based on the cellular networks
49:18 - 49:21

such as equal to everything can be affected
49:23 - 49:28

in the future. Mobile communication technologies such as five G and six G R.
49:28 - 49:29

Developed
49:29 - 49:32

So more secure systems should be made
49:32 - 49:35

by considering the security of the physical layer
49:36 - 49:38

which was not considered before.
49:39 - 49:40

Therefore,
49:40 - 49:43

I strongly suggest three TPP to use digital
49:43 - 49:47

signatures for physical channel despite its difficulty.
49:54 - 49:54

Thank you.
49:55 - 49:59

And for the last we have responsibly disclosed
49:59 - 50:01

these attacks to the GSM A and Qualcomm.
50:03 - 50:07

Thank you for listening And if you're having any questions please let us know.
50:07 - 50:10

And if you're having any long questions,
50:10 - 50:13

please email us through the emails on the slide
50:14 - 50:15

and
50:15 - 50:20

the photo is our left photo and my supervisor is younger kim.
50:21 - 50:24

Maybe some of you would have heard about him
50:24 - 50:27

because he's doing a lot of researches about security.
50:27 - 50:27

So
50:27 - 50:28

anyway, thank you.
50:29 - 50:39

All right, thanks you too. So far we have around 10 minutes for questions.
50:39 - 50:43

So if you have questions for the speakers, please go to one of the room mix.
50:43 - 50:46

And well for let you ask your question,
50:48 - 50:49

do we already have people lined up?
50:49 - 50:51

Let's start with a question from the signal angel.
50:53 - 50:56

-- There's one question
-- are these methods similar
50:56 - 50:57

or the same use
50:57 - 51:03

-- by law
-- enforcement and the user mentioned stingray for an example.
51:06 - 51:08

Ah pardon please?
51:09 - 51:12

Where where are you? Can you raise your hands? I can say okay.
51:12 - 51:15

-- How can you say the
-- question from the internet. So
51:15 - 51:17

-- are
-- these methods similar?
51:17 - 51:19

The same used by the law enforcement,
51:20 - 51:22

Low enforcement police.
51:23 - 51:24

Yeah, maybe
51:25 - 51:26

it might be possible.
51:26 - 51:31

But actually it is as I know using the frequency
51:31 - 51:36

that legitimate basis stations is already like illegal to use.
51:36 - 51:37

So
51:38 - 51:40

I think that cannot be the solution.
51:45 - 51:50

Alright. I actually don't see anybody yet but there is one at Mike three Please.
51:51 - 51:56

Yes. So you show us sub frame what you replace it?
51:57 - 51:59

Why can't your hash
51:59 - 52:02

the values for integrity.
52:02 - 52:04

So the replacements will be kind of hard to do.
52:06 - 52:13

Maybe that also can be your problem and solution, but using hash right,
52:16 - 52:17

I said probably.
52:18 - 52:23

-- So
-- just to check some the full frame, so if you replace the suffering,
52:23 - 52:25

that should be involved.
52:27 - 52:29

Yeah, but that can be a solution,
52:29 - 52:32

but I think we have to think about how
52:32 - 52:36

to connect a secure connection at the first time.
52:36 - 52:38

If we don't have anything between like
52:39 - 52:41

U e and D network,
52:41 - 52:45

maybe sending some hash also will be challenged maybe
52:47 - 52:50

is that can be a solution to your question.
52:52 - 52:52

There you go.
52:52 - 52:56

-- Yes, so I'm not
-- sure if I understood, so, you know that I could
52:56 - 52:57

Have,
52:57 - 52:58

let's say 10 frames,
52:58 - 53:00

-- can you replace
-- suffering too?
53:01 - 53:01

Right,
53:01 - 53:02

yep,
53:03 - 53:06

-- yes, So if all
-- The 10 frames will be harsh,
53:08 - 53:11

your replacement will be detected.
53:12 - 53:14

Is it possible on multi level
53:16 - 53:19

-- to change the
-- standard to have some hashing or integrity?
53:20 - 53:22

Yeah, maybe that will be possible,
53:22 - 53:31

but I think we need another way to transfer the hash value to check the connection.
53:32 - 53:34

Well, I think that can also be another solution.
53:38 - 53:40

Alright, let's go to mike wanda.
53:41 - 53:45

-- Um I would like to know if you know what
-- your personal
53:45 - 53:46

opinion and feeling
53:46 - 53:49

-- is um if this will
-- be mitigated
53:49 - 53:52

-- by the vendors and the standard
-- bodies,
53:54 - 53:55

I mean, will they fix it?
53:56 - 53:58

Ah in the future. Right.
53:59 - 54:02

-- Of course. In the future they cannot fix it in
-- the past. Right?
54:02 - 54:04

Yeah, so
54:05 - 54:08

maybe as I said before,
54:08 - 54:10

like Jessamy is already like considering these
54:10 - 54:13

attacks and they have some regular meetings,
54:14 - 54:20

Maybe the last meeting was in Nevada in november. And maybe in the future they will
54:20 - 54:22

but not for now. So
54:23 - 54:24

maybe you have to ask
54:24 - 54:27

If there is any person from three g. p. p.
54:29 - 54:30

Okay.
54:30 - 54:32

Okay. Alright. Thanks.
54:33 - 54:36

Does the Signal angel have any other questions? No.
54:37 - 54:42

-- Then I think this concludes the question and answer section. Thanks
-- again.
54:42 - 54:42

Thank you.
54:43 - 54:44

Yeah.
54:49 - 54:52

Mm hmm hmm hmm hmm hmm hmm hmm hmm hmm hmm hmm hmm hmm.
54:56 - 54:59

Yeah.
55:01 - 55:01

Okay.
55:01 - 55:02

Thank you.
55:03 - 55:03

Mm hmm
55:06 - 55:06

mm hmm.
55:10 - 55:11

Okay.

Title:: 36C3 - SigOver + alpha
Description:: more » « less
Video Language:: English
Duration:: 55:16

	billatq edited English, British subtitles for 36C3 - SigOver + alpha
	billatq edited English, British subtitles for 36C3 - SigOver + alpha
	billatq edited English, British subtitles for 36C3 - SigOver + alpha
	billatq edited English, British subtitles for 36C3 - SigOver + alpha
	billatq edited English, British subtitles for 36C3 - SigOver + alpha
	billatq edited English, British subtitles for 36C3 - SigOver + alpha
	billatq edited English, British subtitles for 36C3 - SigOver + alpha
	billatq edited English, British subtitles for 36C3 - SigOver + alpha

Show all

English, British subtitles

Incomplete

Revisions

Revision 11 Edited

billatq

36C3 - SigOver + alpha

Revisions

Our website uses cookies

Operating cookies (Required)